CVE-2024-40963
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
mips: bmips: BCM6358: make sure CBR is correctly set
It was discovered that some device have CBR address set to 0 causing kernel panic when arch_sync_dma_for_cpu_all is called.
This was notice in situation where the system is booted from TP1 and BMIPS_GET_CBR() returns 0 instead of a valid address and !!(read_c0_brcm_cmt_local() & (1 << 31)); not failing.
The current check whether RAC flush should be disabled or not are not enough hence lets check if CBR is a valid address or not.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d65de5ee8b72868fbbbd39ca73017d0e526fa13a < 10afe5f7d30f6fe50c2b1177549d0e04921fc373 | affected |
| Linux | Linux | 47a449ec09b4479b89dcc6b27ec3829fc82ffafb < 36d771ce6028b886e18a4a8956a5d23688e4e13d | affected |
| Linux | Linux | 65b723644294f1d79770704162c0e8d1f700b6f1 < 89167072fd249e5f23ae2f8093f87da5925cef27 | affected |
| Linux | Linux | 2cdbcff99f15db86a10672fb220379a1ae46ccae < 6c0f6ccd939166f56a904c792d7fcadae43b9085 | affected |
| Linux | Linux | ab327f8acdf8d06601fbf058859a539a9422afff < 2cd4854ef14a487bcfb76c7980675980cad27b52 | affected |
| Linux | Linux | ab327f8acdf8d06601fbf058859a539a9422afff < da895fd6da438af8d9326b8f02d715a9c76c3b5b | affected |
| Linux | Linux | ab327f8acdf8d06601fbf058859a539a9422afff < ce5cdd3b05216b704a704f466fb4c2dff3778caf | affected |
| Linux | Linux | 288c96aa5b5526cd4a946e84ef85e165857693b5 | affected |
| Linux | Linux | 5.4.240 < 5.4.279 | affected |
| Linux | Linux | 5.10.177 < 5.10.221 | affected |
| Linux | Linux | 5.15.106 < 5.15.162 | affected |
| Linux | Linux | 6.1.23 < 6.1.96 | affected |
| Linux | Linux | 6.2.10 < 6.3 | affected |
| Linux | Linux | 6.3 | affected |
| Linux | Linux | 0 < 6.3 | unaffected |
| Linux | Linux | 5.4.279 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.221 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.162 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.96 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.36 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.7 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/10afe5f7d30f6fe50c2b1177549d0e04921fc373
- https://git.kernel.org/stable/c/36d771ce6028b886e18a4a8956a5d23688e4e13d
- https://git.kernel.org/stable/c/89167072fd249e5f23ae2f8093f87da5925cef27
- https://git.kernel.org/stable/c/6c0f6ccd939166f56a904c792d7fcadae43b9085
- https://git.kernel.org/stable/c/2cd4854ef14a487bcfb76c7980675980cad27b52
- https://git.kernel.org/stable/c/da895fd6da438af8d9326b8f02d715a9c76c3b5b
- https://git.kernel.org/stable/c/ce5cdd3b05216b704a704f466fb4c2dff3778caf
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/10afe5f7d30f6fe50c2b1177549d0e04921fc373
- https://git.kernel.org/stable/c/36d771ce6028b886e18a4a8956a5d23688e4e13d
- https://git.kernel.org/stable/c/89167072fd249e5f23ae2f8093f87da5925cef27
- https://git.kernel.org/stable/c/6c0f6ccd939166f56a904c792d7fcadae43b9085
- https://git.kernel.org/stable/c/2cd4854ef14a487bcfb76c7980675980cad27b52
- https://git.kernel.org/stable/c/da895fd6da438af8d9326b8f02d715a9c76c3b5b
- https://git.kernel.org/stable/c/ce5cdd3b05216b704a704f466fb4c2dff3778caf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.